CVE-2023-52612

2024-03-1800:00:00

ubuntu.com

linux

kernel

crypto

scomp

vulnerability

buffer overflow

fix

scomp_scratch

unix

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.2%

JSON

In the Linux kernel, the following vulnerability has been resolved: crypto:
scomp - fix req->dst buffer overflow The req->dst buffer size should be
checked before copying from the scomp_scratch->dst to avoid req->dst buffer
overflow problem.

Notes

Author	Note
rodrigo-zaiden	USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-176.196UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-102.112UNKNOWN
ubuntu23.10noarchlinux< 6.5.0-41.41UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1122.132UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1057.63UNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1021.21UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1057.63~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1122.132~18.04.1UNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1127.134UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	linux	< 5.4.0-176.196	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-102.112	UNKNOWN
ubuntu	23.10	noarch	linux	< 6.5.0-41.41	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1122.132	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1057.63	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< 6.5.0-1021.21	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< 5.15.0-1057.63~20.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< 5.4.0-1122.132~18.04.1	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< 5.4.0-1127.134	UNKNOWN